Integrated circuit (IC) modules, such as smart cards, are widely used in many different areas. One common use of smart cards is electronic commerce. Smart cards securely store electronic currency that may be used to purchase services or products electronically over a network or at a point-of-purchase terminal (e.g., kiosk, vending machine, phone, toll booth, etc.). Other areas in which smart cards are deployed include physical and logical access control of buildings and computer systems, storage of critical information (e.g., medical records), unscrambling of cable or satellite “premium” signals, and ticketless travel.
Smart cards have evolved technologically to include a processor and multiple forms of memory, including both volatile memory (e.g., random access memory (RAM), and nonvolatile memory (e.g., FLASH, read only memory (ROM), electrically erasable programmable read only memory EEPROM, etc.). As smart cards grew more sophisticated, they began supporting an operating system and multiple applications. One exemplary smart card operating system is Microsoft's Windows® for Smart Card operating system.
With the Windows® operating system, smart card applications can declare “volatile” variables that are stored in RAM. Today, those volatile variables are bound to the application and are disposed once the application terminates. Currently, for the Windows® for Smart Card operating system, there is no means to store and retrieve data in volatile memory for access by multiple applications. Another smart card operating system, called “MULTOS”, does allow multiple applications to store and retrieve data in volatile memory, but its scheme uses a designated memory area block and associates digital certificates to share that space across applications in a controlled manner. This scheme is very complex and not simple to use or implement.
Sharing in RAM, however, poses another problem in terms of security. There is some concern that sensitive data in volatile memory might be accessed by a rogue application and used in a manner not anticipated by the smart card designer or user.
Accordingly, there is a need for technology that renders data in volatile memory available to multiple applications in a simple way, but in a secure fashion to protect against unintentional usage by rogue or malicious applications.